Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
of 10
-
Upload
michel-de-crevoisier -
Category
Documents
-
view
217 -
download
0
Transcript of Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
1/10
>
Fråntelh m―uh R_H E_sdf
Vetd-tl-Vetd nvdf Nzurd (v>.>>)
]utlren` flhëu dt råmekå pnr Jefcd` md FQDRLEVEDQ ‖ Båvredr 1?>4
VLTQFDV
Flhbekurntelh mu råsdnu sur Nzurd 7
cttp7//nzurd.jefrlslbt.flj/dh-us/mlfujdhtntelh/nrtef`ds/vertun`-hdtwlris-frdntd-setd-tl-setd-
frlss-prdjesds-flhhdftevety/
Flhbekurntelh QQNV pdrslhhn`esåd 7
cttp7//www.flhfurrdhfy.flj/ehbrnstrufturd/setd-tl-nzurd-vph-usehk-wehmlws-sdrvdr-1?>1-rr ns/
Flhbekurntelh nvdf _bsdhsd 7
cttps7//ihlw`dmkd.zljdrs.du/pbsdhsd/_nkds/Clw-tl-flhhdft-nh-Nzurd-f`lum-tl-pbVdhsd-lvdr-E_Vdf.nspx
http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/http://www.concurrency.com/infrastructure/site-to-azure-vpn-using-windows-server-2012-rras/https://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttps://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttps://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttps://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttps://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttps://knowledge.zomers.eu/pfsense/Pages/How-to-connect-an-Azure-cloud-to-pfSense-over-IPSec.aspxhttp://www.concurrency.com/infrastructure/site-to-azure-vpn-using-windows-server-2012-rras/http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
2/10
1
EHMDS
VLTQFDV ................................................................................................................................................. >
EHMDS ...................................................................................................................................................... 1
_rånjau`d ............................................................................................................................................... 1
>. Flhbekurntelh mu R_H sur Nzurd ........................................................................................................ 6
>.> Qåsdnu ̀ lfn` .............................................................................................................................. 6
>.1 Qåsdnu vertud`................................ ............................................................................................ 6
>.6 Fråntelh md `n pnssdrd`̀ d ............................................................................................................ 4
1. Flhbekurntelh mu R_H Lh _rdjesd ..................................................................................................... 2
1.> Flhbekurntelh mds ehtdrbnfds råsdnu ............................................................................................ 2
1.1 Flhbekurntelh mu sdrvdur................................ ............................................................................ 2
6. Flhbekurntelh mu pnrd-bdu ................................................................................................................. ;
=. Flhhdxelh R_H jutud``d .................................................................................................................. 3
=.> Dtna`essdjdht md ̀ n flhhdxelh.................................................................................................... 3
=.1 Resun`entelh md `―åtnt md flhhdxelh ............................................................................................. 5
4. Lptejesntelhs ................................................................................................................................. >?
_rånjau`d
_lur fd tutl, g―ute`esdrne 1 sdrvdurs jdjards mu jçjd mljnehd nehse qud `d sdrvefd Nzurd plur`―åtna`essdjdht m―uh R_H setd-tl-setd 7
VQR-NM7 sdrvdur Nftevd Merdftlry dt MHV Lh _rdjesd (ehstn``ntelh hlh måtne``åd)
VQR-R_H 7 sdrvdur [ehmlws måmeå plur `n flhhdxelh R_H nvdf Nzurd (ehstn``ntelh hlh
måtne``åd)
@―lagdfteb md fdt nrtef`d sdrn md flhhdftdr `ds mdux råsdnux nbeh md jdttrd dh p`nfd uh råp`efn md
flhtrý`dur md mljnehd mnhs `d f`lum.
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
3/10
6
>.
Flhbekurntelh mu R_H sur Nzurd
>.> Qåsdnu `lfn`
_lur fljjdhfdr, frådz uh råsdnu `lfn` sur Nzurd. _lur fd`n, rdhsdekhdz 7
@d hlj md vltrd råsdnu @NH « Lh _rdjesd ¹. @―E_ pua`equd mu setd lõ sd trluvdrn vltrd åquepdjdht R_H. Nttdhtelh, fd`ue-fe hd mlet pns
çtrd mdrreãrd uh HN].
N `―åtnpd suevnhtd, rdhsdekhdz `d p`nh m―nmrdssnkd md vltrd @NH « Lh _rdjesd ¹ 7
>.1
Qåsdnu vertud`
>.1.> Fråntelh mu råsdnu vertud`
_lur frådr uh råsdnu vertud` sur Nzurd, e` dst håfdssnerd md rdhsdekhdr 7
@d hlj mu råsdnu vertud`
@ds E_ md vls sdrvdurs MHV
@d typd md R_H slucnetå (dh `―lffurrdhfd « setd ï setd ¹)
@d råsdnu `lfn` ï ute`esdr (måbehe nu pleht >.>)
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
4/10
=
>.1.1 Nmrdssnkd mu råsdnu vertud`
Måbehessdz dhsuetd `d p`nh m―nmrdssnkd mu råsdnu dt mds slus-råsdnux Nzurd. Hltdz qu―e` sdrn håfdssnerd md måbeher uh « slus råsdnu md pnssdrd``d ¹ plur `d R_H 7
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
5/10
4
>.6 Fråntelh md `n pnssdrd``d
Rltrd råsdnu vertud` dst måslrjnes fråå. E` vlus bnut jnehtdhnht frådr uhd pnssdrd``d 7
_lur fd`n, f`equdz sur « Frådr uhd pnssdrd``d ¹ dt pntedhtdz dhtrd >4 dt 64 jehutds plur sn fråntelh.
Nttdhtelh 7
[ehmlws Vdrvdr 1?>1 / 1?>1 Q1 hd supplrtd pns `d rlutnkd stntequd.
@d rlutnkd myhnjequd dst la`ekntlerd plur mds R_H md typd « ju`te setd R_H ¹, « RHD] tl
RHD] ¹ dt « _leht ï setd ¹.
Thd bles `―nssestnht tdrjehå dt `n pnssdrd``d frååd, e` hd vlus rdstd p`us qu―ï flhbekurdr vltrd
åquepdjdht R_H « Lh _rdjesd ¹ 7
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
6/10
2
1.
Flhbekurntelh mu R_H Lh _rdjesd
Thd bles `n pnssdrd``d frååd, e` dst håfdssnerd md flhbekurdr vltrd åquepdjdht R_H « Lh _rdjesd ¹
nbeh qu―e` puessd sd flhhdftdr ï `n pnssdrd``d R_H blurhed pnr Nzurd. @n `estd mds åquepdjdhts
supplrtås (Fesfl, Guhepdr, B4, _n`l N`tl, …) dst mesplhea`d efe. Mnhs hltrd fns, hlus ute`esdrlhs uh
sdrvdur slus [ehmlws Vdrvdr 1?>1 Q1.
1.> Flhbekurntelh mds ehtdrbnfds råsdnu
Vur vltrd sdrvdur [ehmlws, flhbekurdz `ds mdux ehtdrbnfds råsdnu suevnhtds 7
@NH 7 nmrdssnkd sur vltrd råsdnu `lfn`
[NH 7 nmrdssd pua`equd lu rdmerekåd plehtnht merdftdjdht sur `d sdrvdur. _dhsdz ï 7
l Måsnftevdr `―dhrdkestrdjdht MHV
l Måsnftevdr « F`edht blr Jeflslbt Hdtwlris ¹ dt « Be`d nhm _rehtdr scnrehk ¹
1.1
Flhbekurntelh mu sdrvdur
_lur flhbekurdr ehtåkrn`djdht `d sdrvdur R_H [ehmlws nvdf `d rý`d QQNV 7
]å`åfcnrkdz `d sfrept m―nutl flhbekurntelh dh nfflrm nvdf vltrd sl`utelh R_H rdtdhud 7
Flpedz `d sfrept sur vltrd sdrvdur R_H [ehmlws dt rdhljjdz-`d dh « ._V> ¹
Dxåfutdz-`d mdpues uhd flhsl`d nmjehestrntdur dt `nessdr `d sfrept flhbekurdr `d sdrvdur 7
https://msdn.microsoft.com/library/azure/jj156075.aspxhttps://msdn.microsoft.com/library/azure/jj156075.aspxhttps://msdn.microsoft.com/library/azure/jj156075.aspxhttps://msdn.microsoft.com/library/azure/jj156075.aspx
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
7/10
;
Hltd 7 `―drrdur nppnrud h―dst pns krnvd. D``d ehmequd sejp`djdht qud `d sdrvefd QQNV n jes p`us
`lhktdjps qud pråvu ï måjnrrdr.
6.
Flhbekurntelh mu pnrd-bdu
_lur nfcdjehdr `d trnbef vdrs vltrd sdrvdur R_H, vlus mdvrdz rdmerekdr `ds plrts fe-
mdsslus (slurfd) sd`lh fds mdux flhtdxtds 7
Rltrd QQNV dst setuå mdrreãrd uh pnrd-bdu 7
E_ _rltlfl` ]ypd:TM_, TM_ _lrt Hujadr:4?? 0- Tsdm ay EIDv1 (E_Vdf flhtrl` pntc)
E_ _rltlfl` ]ypd:TM_, TM_ _lrt Hujadr:=4?? 0- Tsdm ay EIDv1 (E_Vdf flhtrl` pntc)
E_ _rltlfl` ]ypd:4? 0- Tsdm ay EIDv1 (E_Vdf flhtrl` pntc)
Rltrd QQNV dst merdftdjdht flhhdftå ï ehtdrhdt 7
E_ _rltlfl` ]ypd:TM_, TM_ _lrt Hujadr:4?? 0- Tsdm ay EIDv1 (E_Vdf flhtrl` pntc)
E_ _rltlfl` ]ypd:TM_, TM_ _lrt Hujadr:=4?? 0- Tsdm ay EIDv1 (E_Vdf flhtrl` pntc)
E_ _rltlfl` ]ypd:TM_, TM_ _lrt Hujadr:>;?> 0- Tsdm ay @1]_ flhtrl`/mntn pntc
E_ _rltlfl` ]ypd:4? 0- Tsdm ay mntn pntc (DV_)
http://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspxhttp://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspxhttp://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspxhttp://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
8/10
3
=.
Flhhdxelh R_H jutud``d
=.> Dtna`essdjdht md `n flhhdxelh
Thd bles `n flhbekurntelh mu sdrvdur R_H « Lh _rdjesd ¹ tdrjehåd, vlus pluvdz `nhfdr `―åtna`essdjdht
md `n flhhdxelh R_H. _lur fd`n 7 Vur Nzurd, f`equdz sur Flhhdftdr dt pntedhtdz gusqu―ï qud `n flhhdxelh slet `nhfåd 7
Qdjnrqud 7 `d alutlh Flhhdftdr nppnrnètrn kreså s―e` s―nket m―uhd pnssdrd``d « myhnjequd ¹ 7
Nprãs qule, sur `n flhsl`d QQNV, f`ef mrlet sur `―ehtdrbnfd « Mdjnhm-men` ¹ 8 Flhhdft
Ve tlut n åtå flrrdftdjdht flhbekurå, `d stntut md `―ehtdrbnfd Mdjnhm-men ̀mlet pnssdr dh Flhhdftdm 7
Md `n jçjd bnëlh, `d trnbef md mlhhåds dhtrnhtds dt slrtnhtds mlet nukjdhtdr sur `n flhsl`d Nzurd 7
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
9/10
5
=.1 Resun`entelh md `―åtnt md flhhdxelh
_lur vårebedr qud tlut dst lpårntelhhd`, vlus pluvdz flhsu`tdr `ds stntestequds nu hevdnu md `n flhsl`d
QQNV mnhs `―npnrtå Kdhdrn` 7
Nu hevdnu mu pnrd-bdu, vlus pluvdz åkn`djdht vesun`esdr `ds nmrdssds dt pnrnjãtrds E_sdf ute`esås 7
Hltd 7 ̀ n fl`lhhd « _rltlfl` ¹ ehmequd `―nutcdhtebefntelh dt `d fcebbrdjdht rdtdhu plur `―åtna`essdjdht
mu tuhhd` E_sdf. Dh `―lffurrdhfd, « = ¹ rdpråsdhtd (slurfd) 7
Ehetentlr 7 DV_ 6\MDV VCN
Qdsplhmdr 7 NC VCN> wetc DV_ NDV\>13 wetc hu`` CJNF
Rlus pluvdz åkn`djdht flhsu`tdr `ds tna`ds md rlutnkd sur vltrd sdrvdur R_H 7
https://msdn.microsoft.com/en-us/library/azure/jj156075.aspx#bkmk_IPsecParametershttps://msdn.microsoft.com/en-us/library/azure/jj156075.aspx#bkmk_IPsecParametershttps://msdn.microsoft.com/en-us/library/azure/jj156075.aspx#bkmk_IPsecParametershttps://msdn.microsoft.com/en-us/library/azure/jj156075.aspx#bkmk_IPsecParameters
-
8/9/2019 Mise en place d'un VPN site-to-site avec Azure (tuto de a à Z)
10/10
>?
4.
Lptejesntelhs
Rlus pluvdz npp`equdr `ds lptejesntelhs suevnhtds nbeh md såfuresdr vltrd sdrvdur 7
Nrrçtdr ̀ d sdrvdur EEV dt `d pnssdr ̀ d jlmd md måjnrrnkd mu sdrvefd dh jnhud` (e` h―dst pns
plssea`d md `d måsehstn``dr dh rneslh md sds blrtds måpdhmnhfds nvdf QQNV)
Måsnftevdr tlutds ̀ ds rãk`ds md pnrd dhtrnht, snub fd``ds ̀ eåds nu Aurdnu ï Mestnhfd, nupnrtnkd råsdnu VJA dt nu pehk 7
H―cåsetdz pns ï j―dhvlydr vls fljjdhtnerds lu rdtlurs ï `―nmrdssd suevnhtd 7
j.mdfrdvlesedr N-Q-?-A-N-4 lut`lli . flj
Vlydz-dh m―lrds dt mågï rdjdrfeå
![Tuto blog[1]](https://static.fdocuments.us/doc/165x107/55bb0059bb61eb342d8b480d/tuto-blog1.jpg)
